summaryrefslogtreecommitdiffstats
path: root/ssl/s23_srvr.c
Commit message (Collapse)AuthorAgeFilesLines
* Re-align some comments after running the reformat script.OpenSSL_0_9_8-post-reformatMatt Caswell2015-01-221-13/+13
| | | | | | | | | This should be a one off operation (subsequent invokation of the script should not move them) This commit is for the 0.9.8 changes Reviewed-by: Tim Hudson <tjh@openssl.org>
* Run util/openssl-format-source -v -c .Matt Caswell2015-01-221-473/+453
| | | | Reviewed-by: Tim Hudson <tjh@openssl.org>
* indent has problems with comments that are on the right hand side of a line.Matt Caswell2015-01-221-13/+15
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Sometimes it fails to format them very well, and sometimes it corrupts them! This commit moves some particularly problematic ones. Conflicts: crypto/bn/bn.h crypto/ec/ec_lcl.h crypto/rsa/rsa.h demos/engines/ibmca/hw_ibmca.c ssl/ssl.h ssl/ssl3.h Conflicts: crypto/ec/ec_lcl.h ssl/tls1.h Conflicts: crypto/ec/ecp_nistp224.c crypto/evp/evp.h ssl/d1_both.c ssl/ssl.h ssl/ssl_lib.c Conflicts: crypto/bio/bss_file.c crypto/ec/ec_lcl.h crypto/evp/evp.h crypto/store/str_mem.c crypto/whrlpool/wp_block.c crypto/x509/x509_vfy.h ssl/ssl.h ssl/ssl3.h ssl/ssltest.c ssl/t1_lib.c ssl/tls1.h Reviewed-by: Tim Hudson <tjh@openssl.org>
* Fix source where indent will not be able to copeMatt Caswell2015-01-221-2/+5
| | | | | | | | | | | | | | | | | | | | | | | | Conflicts: apps/ciphers.c ssl/s3_pkt.c Conflicts: crypto/ec/ec_curve.c Conflicts: crypto/ec/ec_curve.c ssl/s3_clnt.c ssl/s3_srvr.c ssl/ssl_sess.c Conflicts: apps/ciphers.c crypto/bn/bn.h crypto/ec/ec_curve.c ssl/t1_enc.c ssl/t1_lib.c Reviewed-by: Tim Hudson <tjh@openssl.org>
* mark all block comments that need format preserving so thatTim Hudson2015-01-221-1/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | indent will not alter them when reformatting comments (cherry picked from commit 1d97c8435171a7af575f73c526d79e1ef0ee5960) Conflicts: crypto/bn/bn_lcl.h crypto/bn/bn_prime.c crypto/engine/eng_all.c crypto/rc4/rc4_utl.c crypto/sha/sha.h ssl/kssl.c ssl/t1_lib.c Conflicts: crypto/rc4/rc4_enc.c crypto/x509v3/v3_scts.c crypto/x509v3/v3nametest.c ssl/d1_both.c ssl/s3_srvr.c ssl/ssl.h ssl/ssl_locl.h ssl/ssltest.c ssl/t1_lib.c Conflicts: crypto/asn1/a_sign.c crypto/bn/bn_div.c crypto/dsa/dsa_asn1.c crypto/ec/ecp_nistp224.c crypto/ec/ecp_nistp256.c crypto/ec/ecp_nistp521.c crypto/ec/ecp_nistputil.c crypto/modes/gcm128.c crypto/opensslv.h ssl/d1_both.c ssl/heartbeat_test.c ssl/s3_clnt.c ssl/s3_srvr.c ssl/ssl_sess.c ssl/t1_lib.c test/testutil.h Conflicts: apps/openssl.c apps/ts.c apps/vms_decc_init.c crypto/aes/aes_core.c crypto/aes/aes_x86core.c crypto/dsa/dsa_ameth.c crypto/ec/ec2_mult.c crypto/evp/evp.h crypto/objects/objects.h crypto/rsa/rsa_pss.c crypto/stack/safestack.h crypto/ts/ts.h crypto/ts/ts_rsp_verify.c crypto/whrlpool/wp_dgst.c crypto/x509v3/v3_ncons.c e_os2.h engines/ccgost/gost89.c engines/ccgost/gost_ctl.c engines/ccgost/gost_keywrap.c engines/ccgost/gost_keywrap.h engines/ccgost/gost_sign.c ssl/kssl.c ssl/s3_srvr.c Reviewed-by: Tim Hudson <tjh@openssl.org>
* Fix warningKurt Roeckx2014-10-211-1/+1
| | | | Reviewed-by: Emilia Käsper <emilia@openssl.org>
* Keep old method in case of an unsupported protocolKurt Roeckx2014-10-211-2/+4
| | | | | | | | | | | | When we're configured with no-ssl3 and we receive an SSL v3 Client Hello, we set the method to NULL. We didn't used to do that, and it breaks things. This is a regression introduced in 62f45cc27d07187b59551e4fad3db4e52ea73f2c. Keep the old method since the code is not able to deal with a NULL method at this time. CVE-2014-3569, PR#3571 Reviewed-by: Emilia Käsper <emilia@openssl.org> (cherry picked from commit 392fa7a952e97d82eac6958c81ed1e256e6b8ca5)
* Fix no-ssl3 configuration optionGeoff Thorpe2014-10-151-6/+9
| | | | | | | CVE-2014-3568 Reviewed-by: Emilia Kasper <emilia@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org>
* Support TLS_FALLBACK_SCSV.Bodo Moeller2014-10-151-0/+3
| | | | Reviewed-by: Stephen Henson <steve@openssl.org>
* Fix protocol downgrade bug in case of fragmented packetsDavid Benjamin2014-08-061-7/+23
| | | | | | | CVE-2014-3511 Reviewed-by: Emilia Käsper <emilia@openssl.org> Reviewed-by: Bodo Möller <bodo@openssl.org>
* PR: 2171Dr. Stephen Henson2010-02-161-5/+0
| | | | | | | | | Submitted by: Tomas Mraz <tmraz@redhat.com> Since SSLv2 doesn't support renegotiation at all don't reject it if legacy renegotiation isn't enabled. Also can now use SSL2 compatible client hello because RFC5746 supports it.
* Fix version handling so it can cope with a major version >3.Dr. Stephen Henson2010-01-131-1/+8
| | | | | | Although it will be many years before TLS v2.0 or later appears old versions of servers have a habit of hanging around for a considerable time so best if we handle this properly now.
* Servers can't end up talking SSLv2 with legacy renegotiation disabledDr. Stephen Henson2009-11-181-0/+5
|
* Make ssl code consistent with FIPS branch. The new code has no effectDr. Stephen Henson2008-06-161-0/+9
| | | | | at present because it asserts either noop flags or is inside OPENSSL_FIPS #ifdef's.
* fix support for receiving fragmented handshake messagesBodo Möller2006-11-291-1/+0
|
* Fix from HEAD.Dr. Stephen Henson2005-12-051-1/+1
|
* Add fixes for CAN-2005-2969OpenSSL_0_9_8aMark J. Cox2005-10-111-6/+1
| | | | Bump release ready for OpenSSL_0_9_8a tag
* Initialize SSL_METHOD structures at compile time. This removes the needDr. Stephen Henson2005-08-051-22/+4
| | | | for locking code. The CRYPTO_LOCK_SSL_METHOD lock is now no longer used.
* Security fixes brought forward from 0.9.7.Ben Laurie2002-11-131-1/+1
|
* really fix race conditionsBodo Möller2002-09-251-5/+8
| | | | | | | Submitted by: "Patrick McCormick" <patrick@tellme.com> PR: 262 PR: 291
* really fix race conditionBodo Möller2002-09-231-0/+4
| | | | PR: 262
* Reorder inclusion of header files:Lutz Jänicke2002-07-101-1/+1
| | | | | | | | | | | | | | | | | des_old.h redefines crypt: #define crypt(b,s)\ DES_crypt((b),(s)) This scheme leads to failure, if header files with the OS's true definition of crypt() are processed _after_ des_old.h was processed. This is e.g. the case on HP-UX with unistd.h. As evp.h now again includes des.h (which includes des_old.h), this problem only came up after this modification. Solution: move header files (indirectly) including e_os.h before the header files (indirectly) including evp.h. Submitted by: Reviewed by: PR:
* fix length field we create when converting SSL 2.0 format into SSL 3.0/TLS ↵Bodo Möller2002-04-141-1/+1
| | | | | | 1.0 format (the bug was introduced with message callback support)
* Prototype info function.Ben Laurie2002-01-121-1/+1
|
* Implement msg_callback for SSL 2.0.Bodo Möller2001-11-101-1/+3
| | | | Important SSL 2.0 bugfixes (bugs found while implementing msg_callback).
* Assume TLS 1.0 when ClientHello fragment is too short.Bodo Möller2001-10-251-7/+12
|
* Fix SSL handshake functions and SSL_clear() such that SSL_clear()Bodo Möller2001-10-241-1/+1
| | | | | never resets s->method to s->ctx->method when called from within one of the SSL handshake functions.
* New functions SSL[_CTX]_set_msg_callback().Bodo Möller2001-10-201-3/+67
| | | | | | | | | | | | | | | | | | | | | New macros SSL[_CTX]_set_msg_callback_arg(). Message callback imlementation for SSL 3.0/TLS 1.0 (no SSL 2.0 yet). New '-msg' option for 'openssl s_client' and 'openssl s_server' that enable a message callback that displays all protocol messages. In ssl3_get_client_hello (ssl/s3_srvr.c), generate a fatal alert if client_version is smaller than the protocol version in use. Also change ssl23_get_client_hello (ssl/s23_srvr.c) to select TLS 1.0 if the client demanded SSL 3.0 but only TLS 1.0 is enabled; then the client will at least see that alert. Fix SSL[_CTX]_ctrl prototype (void * instead of char * for generic pointer). Add/update some OpenSSL copyright notices.
* The message header for fake SSL 3.0/TLS 1.0 client hellos created fromBodo Möller2001-10-161-6/+5
| | | | | | SSL 2.0 client hellos added with the previous commit was totally wrong -- it must start with the message type, not the protocol version. (Not that this particular header is actually used anywhere ...)
* Change ssl3_get_message and the functions using it so that completeBodo Möller2001-10-151-1/+10
| | | | | | | | 'Handshake' protocol structures are kept in memory, including 'msg_type' and 'length'. (This is in preparation of future support for callbacks that get to peek at handshake messages and the like.)
* Remove SSL_OP_NON_EXPORT_FIRST:Lutz Jänicke2001-08-011-66/+0
| | | | | It did not work, it was deactivated by #if 0/#endif anyway _and_ we now have the working SSL_OP_CIPHER_SERVER_PREFERENCE.
* Use new-style system-id macros everywhere possible. I hope I haven'tRichard Levitte2001-02-201-3/+3
| | | | | | | missed any. This compiles and runs on Linux, and external applications have no problems with it. The definite test will be to build this on VMS.
* Avoid protocol rollback.Bodo Möller2000-09-221-8/+13
|
* Document rollback issues.Bodo Möller2000-07-291-0/+2
|
* Fix SSL 2.0 rollback checking: The previous implementation of theBodo Möller2000-07-291-1/+2
| | | | | | | | | test was never triggered due to an off-by-one error. In s23_clnt.c, don't use special rollback-attack detection padding (RSA_SSLV23_PADDING) if SSL 2.0 is the only protocol enabled in the client; similarly, in s23_srvr.c, don't do the rollback check if SSL 2.0 is the only protocol enabled in the server.
* There have been a number of complaints from a number of sources that namesRichard Levitte2000-06-011-3/+3
| | | | | | | | | like Malloc, Realloc and especially Free conflict with already existing names on some operating systems or other packages. That is reason enough to change the names of the OpenSSL memory allocation macros to something that has a better chance of being unique, like prepending them with OPENSSL_. This change includes all the name changes needed throughout all C files.
* Fix NO_RSA (misplaced #endif).Ulf Möller2000-02-241-1/+4
|
* Change EVP_MD_CTX_type so it is more logical and add EVP_MD_CTX_md forDr. Stephen Henson2000-02-221-1/+0
| | | | | | | | the old functionality. Various warning fixes. Initial EVP symmetric cipher docs.
* Workaround for irrelevant problem.Bodo Möller2000-02-201-7/+16
|
* Tolerate fragmentation and interleaving in the SSL 3/TLS record layer.Bodo Möller2000-02-201-0/+6
|
* ispell (and minor modifications)Ulf Möller2000-02-031-1/+1
|
* SSL_R_UNSUPPORTED_PROTOCOL (as in s23_clnt.c) for SSL 2 whenBodo Möller2000-01-161-1/+1
| | | | NO_SSL2 is defined, not SSL_R_UNKNOWN_PROTOCOL.
* Add missing #ifndefs that caused missing symbols when building libsslUlf Möller2000-01-161-0/+7
| | | | | | | | as a shared library without RSA. Use #ifndef NO_SSL2 instead of NO_RSA in ssl/s2*.c. Submitted by: Kris Kennaway <kris@hub.freebsd.org> Modified by Ulf Möller
* Precautions against using the PRNG uninitialized: RAND_bytes() nowUlf Möller2000-01-131-1/+1
| | | | | | returns int (1 = ok, 0 = not seeded). New function RAND_add() is the same as RAND_seed() but takes an estimate of the entropy as an additional argument.
* Clean up some of the SSL server code.Bodo Möller2000-01-111-1/+12
|
* Set s->version correctly for "natural" SSL 3.0 client helloBodo Möller1999-09-131-0/+3
|
* Repair another bug in s23_get_client_hello:Bodo Möller1999-09-101-21/+18
| | | | tls1 did not survive to restarts, so get rid of it.
* use explicit constant 11 just onceBodo Möller1999-09-031-3/+3
|
* Make previous bugfix actually workBodo Möller1999-09-031-9/+4
|
* Fix server behaviour when facing backwards-compatible client hellos.Bodo Möller1999-09-031-11/+42
|
generated by cgit v1.2.3 (git 2.39.1) at 2024-09-06 10:55:15 +0000